From 83db1d7fb09d08903c0fdb1f2a2c735085fdf30c Mon Sep 17 00:00:00 2001 From: Diego Lendoiro Date: Thu, 14 Jun 2018 17:33:46 +0200 Subject: [PATCH] use declare instead of printenv for safe env var export. Fixes #105 --- bin/docker-entrypoint.sh | 3 +-- spec/docker_runtime/runtime_spec.rb | 4 ++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/bin/docker-entrypoint.sh b/bin/docker-entrypoint.sh index 01a602e..c4bc6bb 100755 --- a/bin/docker-entrypoint.sh +++ b/bin/docker-entrypoint.sh @@ -71,9 +71,8 @@ install() { } email_cron_job() { - printenv > /etc/environment - sed -i 's/=\(.*\)/="\1"/g' /etc/environment cron_task='/etc/cron.d/passbolt_email' + declare -p | grep -Ev 'BASHOPTS|BASH_VERSINFO|EUID|PPID|SHELLOPTS|UID' > /etc/environment if [ ! -f "$cron_task" ]; then echo "* * * * * su -c \"source /etc/environment ; /var/www/passbolt/bin/cake EmailQueue.sender\" -s /bin/bash www-data >> /var/log/cron.log 2>&1" >> $cron_task crontab /etc/cron.d/passbolt_email diff --git a/spec/docker_runtime/runtime_spec.rb b/spec/docker_runtime/runtime_spec.rb index 280c429..2b6d10a 100644 --- a/spec/docker_runtime/runtime_spec.rb +++ b/spec/docker_runtime/runtime_spec.rb @@ -9,7 +9,7 @@ describe 'passbolt_api service' do 'MYSQL_ROOT_PASSWORD=test', 'MYSQL_DATABASE=passbolt', 'MYSQL_USER=passbolt', - 'MYSQL_PASSWORD=P4ssb0lt' + 'MYSQL_PASSWORD=±!@#$%^&*()_+=-}{|:;<>?' ], "Healthcheck" => { "Test": [ @@ -28,7 +28,7 @@ describe 'passbolt_api service' do @container = Docker::Container.create( 'Env' => [ "DATASOURCES_DEFAULT_HOST=#{@mysql.json['NetworkSettings']['IPAddress']}", - 'DATASOURCES_DEFAULT_PASSWORD=P4ssb0lt', + 'DATASOURCES_DEFAULT_PASSWORD=±!@#$%^&*()_+=-}{|:;<>?', 'DATASOURCES_DEFAULT_USERNAME=passbolt', 'DATASOURCES_DEFAULT_DATABASE=passbolt', 'PASSBOLT_SSL_FORCE=true'